Security Appliances: New Strides in Preventing Intrusions

Combining the strengths of several
computer protection products, security appliances are powerful tools that stand
between your IT system and a host of worms, viruses and malicious intruders.
While these devices can repair damage inflicted by security breaches, their
real value comes from preventing costly attacks from occurring in the first
place.

Computer
crime takes a big bite out of business productivity. According to the most
recent FBI/CSI survey on computer crime, hackers were responsible for over $23
billion in losses in 2006-and there is little evidence to suggest that this
alarming trend will be reversed in the near future. But security appliances,
which incorporate an array of security functions, now give SMBs the ability to
ward off security breaches without breaking the bank or hiring more IT staff.

It's an
important development, says David Puzas, business line manager for IBM's
Internet Security Services division. "SMB organizations typically have not had
the level of protection that large enterprises have had in the past," he says.

The
devices-which really are appliances with their server-like design-can address
security far more effectively than several independent pieces of hardware and
software. This is critical for SMBs for a number of reasons. Computer crime
affects not only profitability but also reputation and credibility. If, for
example, a security breach occurs at your business and customer information is
stolen, this may seriously damage the customer goodwill and relationships that
you have worked hard to develop.

Then there
are downtime issues. Any virus, worm or cyber attack that makes its way into
your business can cripple operations for hours-or even days-while your IT staff
and consultants struggle to get things back up and running again.

Situations
like these can make SMB managers wish they could go back in time and do things
differently. But the more logical approach, taken by security appliances, is to
ensure that these situations never occur in the first place.

Combining products bolsters security
strength

Security
appliance design goes a long way in preventing attacks; these devices
incorporate several security products into a single hardware device. Among the
products typically included are antivirus software, intrusion detection,
firewalls, network security software, and scanning capabilities-all of which
work together. In comparison, stand-alone security devices operate independently
of each other. So unless an SMB happens to have dedicated IT security staff to
keep everything is sync, these isolated products can leave a business
vulnerable to attacks.

A security
appliance usually costs far less than purchasing several stand-alone security
products, too. The combination of low cost and high efficiency in safeguarding
IT assets is critical for cost-conscious SMBs, says Puzas. These appliances
automate otherwise time-consuming and expensive security measures needed to
ward off and repair all manner of attacks, such as pharming, phishing, viruses
and worms. "It's not like attacks take time off-they don't stop after five and
then start back up again at nine o'clock in the morning," Puzas says.

Prevention leads to operational cost
savings

While
security appliances perform numerous functions, their central value lies in
preventing increasingly sophisticated attacks. "If you look at attacks over the
last two years, they've simply been able to bypass antivirus software and
firewalls-and then they're on your network causing damage," Puzas says.

Traditional
methods of fixing these problems simply take too long, he continues-which can
leave an SMB suddenly incapable of transacting business. He explains this by
illustrating the limitations of reliance upon a single security product, and
uses antivirus software as an example. "For antivirus to be effective, it has
to actually see the virus, and then defenders have to reverse engineer a
patch," he notes. "But at that point, it's very reactionary, because something
bad has already occurred."

The
security appliance approach is designed to prevent these problems from
occurring in the first place, Puzas says. "Implementation of a multilayer type
of approach to security-where you deploy antivirus, firewalls, and intrusion
prevention technologies-is the best approach, because you're not strapped with
having an attack and applying a patch like you would have to with antivirus."

Security appliances strengthen
business operations

Security
appliances also allow businesses to concentrate on their core competencies
instead of worrying about IT issues, Puzas says. Specific areas of operation
can also take advantage of these devices, he adds-with efficient business
continuity topping the list. According to Puzas, the appliances can help keep
systems-and employees-working away, despite the number of threats that can
cripple a business. Plus, sudden requirements for extra bandwidth demanded by
reactive, stand-alone security solutions are eliminated, allowing SMBs to use
computing power for business applications-while IT staff spends less time
managing security issues.

"Meeting
regulatory compliance is one of those things that security provides," Puzas
adds-and points to credit card transactions and customer protection as areas
where security appliances excel. Plus, these appliances often are capable of
reporting on a company's overall security measures, which is an important
requirement for regulatory compliance.

Constant research meets new threats

Because security
threats are continually evolving, most security appliances are continually
upgraded to fight potential intrusions. How well these security devices can be
upgraded to meet new threats depends on the vendor's commitment to
vulnerability research, Puzas says. Security research for these devices, he
explains, should ideally consist of finding weaknesses in the most widely used
operating systems and applications-as well as determining how these
technologies are used in specific industries.

Managed services strengthen security
appliance power

Ensuring
that these appliances are kept up-to-date is more easily achieved by
outsourcing the job to security services, Puzas says. "It's one thing to buy a
box or a set of software-it's another thing to make it effective and get the
most out of your investment," he explains. SMBs considering this option, he
says, should look for vendors with strong security research backgrounds and the
ability to upgrade security solutions remotely at any time.

"You can't
be everywhere all the time," notes Puzas as one of the challenges SMBs face in
securing their IT assets against intrusions. He also cautions, "You can never
be 100 percent secure." But with security appliances, SMBs can take a
significant bite out of computer crime-while protecting IT investments,
profitability, and reputation.